While experimenting with the docker-compose version 2 format, I’ve noticed a difference from version 1. In version one, the first container/service that refers to a volume will cause the volume to be created and “seeded” with the filesystem contents at the container’s mountpoint, if any.
With version 2, the volume is created upon first reference, but is not seeded with any content. This seems to prevent a non-root process running inside the container from being able to use the volume, due to the default permissions.
In docker-compose v2, is there an alternative pattern for using on-demand named volumes and less-than-root privileges?